I've setup a simple translucent conf like described here http://www.openldap.org/doc/admin24/overlays.html#Translucent Proxy , on a Debian squeeze, 2.4.23 server. lastmod off overlay translucent translucent_local telephoneNumber3,gidNumber uri "ldap://master.example.com" acl-bind binddn="cn=manager,dc=example,dc=com" credentials="{SHA}ABC123"
I can overridde (gidNumber) or add attributes(telephoneNumber3): $ cat add.ldif dn: uid=bob,ou=people,dc=example,dc=com gidNumber: 00000 telephoneNumber3: 0000000 $ ldapadd -H ldap://proxy.example.com -x -W -D 'cn=Manager,dc=example,dc=com' -f add.ldif adding new entry "uid=bob,ou=people,dc=example,dc=com"
A query on translucent server retrieve remote and local attribute: $ ldapsearch -LLL -H ldap://proxy.example.com -x -b "ou=people,dc=example, dc=com" '(uid=bob)' dn: uid=bob,ou=people,dc=example,dc=com ... gidNumber: 00000 telephoneNumber: 1111111 telephoneNumber3: 0000000
But searches against locally added or overridden attributes fail: $ ldapsearch -LLL -H ldap://proxy.example.com -x -b "ou=people,dc=example, dc=com" '(gidNumber=00000)' $ ldapsearch -LLL -H ldap://proxy.example.com -x -b "ou=people,dc=example, dc=com" '(telephoneNumber3=0000000)'
thank you for your help